diff options
Diffstat (limited to 'roles')
38 files changed, 443 insertions, 109 deletions
diff --git a/roles/cockpit/defaults/main.yml b/roles/cockpit/defaults/main.yml new file mode 100644 index 000000000..ffd55f1dd --- /dev/null +++ b/roles/cockpit/defaults/main.yml @@ -0,0 +1,5 @@ +--- +os_firewall_use_firewalld: false +os_firewall_allow: +- service: cockpit-ws + port: 9090/tcp diff --git a/roles/cockpit/meta/main.yml b/roles/cockpit/meta/main.yml new file mode 100644 index 000000000..1e3948b19 --- /dev/null +++ b/roles/cockpit/meta/main.yml @@ -0,0 +1,15 @@ +--- +galaxy_info: + author: Scott Dodson + description: Deploy and Enable cockpit-ws plus optional plugins + company: Red Hat, Inc. + license: Apache License, Version 2.0 + min_ansible_version: 1.7 + platforms: + - name: EL + versions: + - 7 + categories: + - cloud +dependencies: + - { role: os_firewall } diff --git a/roles/cockpit/tasks/main.yml b/roles/cockpit/tasks/main.yml new file mode 100644 index 000000000..875cbad21 --- /dev/null +++ b/roles/cockpit/tasks/main.yml @@ -0,0 +1,16 @@ +--- +- name: Install cockpit-ws + yum: + name: "{{ item }}" + state: present + with_items: + - cockpit-ws + - cockpit-shell + - cockpit-bridge + - "{{ cockpit_plugins }}" + +- name: Enable cockpit-ws + service: + name: cockpit.socket + enabled: true + state: started diff --git a/roles/lib_zabbix/library/zbx_item.py b/roles/lib_zabbix/library/zbx_item.py index 2ccc21292..5dc3cff9b 100644 --- a/roles/lib_zabbix/library/zbx_item.py +++ b/roles/lib_zabbix/library/zbx_item.py @@ -53,6 +53,8 @@ def get_value_type(value_type): vtype = 0 if 'int' in value_type: vtype = 3 + elif 'log' in value_type: + vtype = 2 elif 'char' in value_type: vtype = 1 elif 'str' in value_type: @@ -105,6 +107,39 @@ def get_multiplier(inval): return rval, 0 +def get_zabbix_type(ztype): + ''' + Determine which type of discoverrule this is + ''' + _types = {'agent': 0, + 'SNMPv1': 1, + 'trapper': 2, + 'simple': 3, + 'SNMPv2': 4, + 'internal': 5, + 'SNMPv3': 6, + 'active': 7, + 'aggregate': 8, + 'web': 9, + 'external': 10, + 'database monitor': 11, + 'ipmi': 12, + 'ssh': 13, + 'telnet': 14, + 'calculated': 15, + 'JMX': 16, + 'SNMP trap': 17, + } + + for typ in _types.keys(): + if ztype in typ or ztype == typ: + _vtype = _types[typ] + break + else: + _vtype = 2 + + return _vtype + # The branches are needed for CRUD and error handling # pylint: disable=too-many-branches def main(): @@ -121,8 +156,10 @@ def main(): name=dict(default=None, type='str'), key=dict(default=None, type='str'), template_name=dict(default=None, type='str'), - zabbix_type=dict(default=2, type='int'), + zabbix_type=dict(default='trapper', type='str'), value_type=dict(default='int', type='str'), + interval=dict(default=60, type='int'), + delta=dict(default=0, type='int'), multiplier=dict(default=None, type='str'), description=dict(default=None, type='str'), units=dict(default=None, type='str'), @@ -180,13 +217,15 @@ def main(): params = {'name': module.params.get('name', module.params['key']), 'key_': module.params['key'], 'hostid': templateid[0], - 'type': module.params['zabbix_type'], + 'type': get_zabbix_type(module.params['zabbix_type']), 'value_type': get_value_type(module.params['value_type']), 'applications': get_app_ids(module.params['applications'], app_name_ids), 'formula': formula, 'multiplier': use_multiplier, 'description': module.params['description'], 'units': module.params['units'], + 'delay': module.params['interval'], + 'delta': module.params['delta'], } # Remove any None valued params diff --git a/roles/lib_zabbix/tasks/create_template.yml b/roles/lib_zabbix/tasks/create_template.yml index 41381e76c..ac9cf756b 100644 --- a/roles/lib_zabbix/tasks/create_template.yml +++ b/roles/lib_zabbix/tasks/create_template.yml @@ -38,6 +38,9 @@ units: "{{ item.units | default('', True) }}" template_name: "{{ template.name }}" applications: "{{ item.applications }}" + zabbix_type: "{{ item.zabbix_type | default('trapper') }}" + interval: "{{ item.interval | default(60, True) }}" + delta: "{{ item.delta | default(0, True) }}" with_items: template.zitems register: created_items when: template.zitems is defined diff --git a/roles/openshift_examples/defaults/main.yml b/roles/openshift_examples/defaults/main.yml index 7d4f100e3..2043985ec 100644 --- a/roles/openshift_examples/defaults/main.yml +++ b/roles/openshift_examples/defaults/main.yml @@ -1,9 +1,9 @@ --- # By default install rhel and xpaas streams on enterprise installs -openshift_examples_load_centos: "{{ openshift_deployment_type != 'enterprise' }}" -openshift_examples_load_rhel: "{{ openshift_deployment_type == 'enterprise' }}" +openshift_examples_load_centos: "{{ openshift_deployment_type not in ['enterprise','openshift-enterprise','atomic-enterprise','online'] }}" +openshift_examples_load_rhel: "{{ openshift_deployment_type in ['enterprise','openshift-enterprise','atomic-enterprise','online'] }}" openshift_examples_load_db_templates: true -openshift_examples_load_xpaas: "{{ openshift_deployment_type == 'enterprise' }}" +openshift_examples_load_xpaas: "{{ openshift_deployment_type in ['enterprise','openshift-enterprise','atomic-enterprise','online'] }}" openshift_examples_load_quickstarts: true examples_base: /usr/share/openshift/examples diff --git a/roles/openshift_examples/examples-sync.sh b/roles/openshift_examples/examples-sync.sh index 3047a3add..21137e31b 100755 --- a/roles/openshift_examples/examples-sync.sh +++ b/roles/openshift_examples/examples-sync.sh @@ -15,7 +15,7 @@ wget https://github.com/openshift/rails-ex/archive/master.zip -O rails-ex-master wget https://github.com/openshift/nodejs-ex/archive/master.zip -O nodejs-ex-master.zip wget https://github.com/openshift/dancer-ex/archive/master.zip -O dancer-ex-master.zip wget https://github.com/openshift/cakephp-ex/archive/master.zip -O cakephp-ex-master.zip -wget https://github.com/jboss-openshift/application-templates/archive/master.zip -O application-templates-master.zip +wget https://github.com/jboss-openshift/application-templates/archive/ose-v1.0.2.zip -O application-templates-master.zip unzip origin-master.zip unzip django-ex-master.zip unzip rails-ex-master.zip diff --git a/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json index f213d99ca..268d680f4 100644 --- a/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json +++ b/roles/openshift_examples/files/examples/image-streams/image-streams-centos7.json @@ -23,7 +23,8 @@ "iconClass": "icon-ruby", "tags": "builder,ruby", "supports": "ruby:2.0,ruby", - "version": "2.0" + "version": "2.0", + "sampleRepo": "https://github.com/openshift/ruby-ex.git" }, "from": { "Kind": "ImageStreamTag", @@ -53,7 +54,8 @@ "iconClass": "icon-nodejs", "tags": "builder,nodejs", "supports":"nodejs:0.10,nodejs:0.1,nodejs", - "version": "0.10" + "version": "0.10", + "sampleRepo": "https://github.com/openshift/nodejs-ex.git" }, "from": { "Kind": "ImageStreamTag", @@ -83,7 +85,8 @@ "iconClass": "icon-perl", "tags": "builder,perl", "supports":"perl:5.16,perl", - "version": "5.16" + "version": "5.16", + "sampleRepo": "https://github.com/openshift/dancer-ex.git" }, "from": { "Kind": "ImageStreamTag", @@ -113,7 +116,8 @@ "iconClass": "icon-php", "tags": "builder,php", "supports":"php:5.5,php", - "version": "5.5" + "version": "5.5", + "sampleRepo": "https://github.com/openshift/cakephp-ex.git" }, "from": { "Kind": "ImageStreamTag", @@ -143,7 +147,8 @@ "iconClass": "icon-python", "tags": "builder,python", "supports":"python:3.3,python", - "version": "3.3" + "version": "3.3", + "sampleRepo": "https://github.com/openshift/django-ex.git" }, "from": { "Kind": "ImageStreamTag", @@ -173,7 +178,8 @@ "iconClass": "icon-wildfly", "tags": "builder,wildfly,java", "supports":"wildfly:8.1,jee,java", - "version": "8.1" + "version": "8.1", + "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git" }, "from": { "Kind": "ImageStreamTag", diff --git a/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json index 8c125f76a..aa62ebd53 100644 --- a/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json +++ b/roles/openshift_examples/files/examples/image-streams/image-streams-rhel7.json @@ -23,7 +23,8 @@ "iconClass": "icon-ruby", "tags": "builder,ruby", "supports": "ruby:2.0,ruby", - "version": "2.0" + "version": "2.0", + "sampleRepo": "https://github.com/openshift/ruby-ex.git" }, "from": { "Kind": "ImageStreamTag", @@ -53,7 +54,8 @@ "iconClass": "icon-nodejs", "tags": "builder,nodejs", "supports":"nodejs:0.10,nodejs:0.1,nodejs", - "version": "0.10" + "version": "0.10", + "sampleRepo": "https://github.com/openshift/nodejs-ex.git" }, "from": { "Kind": "ImageStreamTag", @@ -83,7 +85,8 @@ "iconClass": "icon-perl", "tags": "builder,perl", "supports":"perl:5.16,perl", - "version": "5.16" + "version": "5.16", + "sampleRepo": "https://github.com/openshift/dancer-ex.git" }, "from": { "Kind": "ImageStreamTag", @@ -113,7 +116,8 @@ "iconClass": "icon-php", "tags": "builder,php", "supports":"php:5.5,php", - "version": "5.5" + "version": "5.5", + "sampleRepo": "https://github.com/openshift/cakephp-ex.git" }, "from": { "Kind": "ImageStreamTag", @@ -143,7 +147,8 @@ "iconClass": "icon-python", "tags": "builder,python", "supports":"python:3.3,python", - "version": "3.3" + "version": "3.3", + "sampleRepo": "https://github.com/openshift/django-ex.git" }, "from": { "Kind": "ImageStreamTag", diff --git a/roles/openshift_examples/files/examples/quickstart-templates/cakephp-mysql.json b/roles/openshift_examples/files/examples/quickstart-templates/cakephp-mysql.json index deac2010f..da5679444 100644 --- a/roles/openshift_examples/files/examples/quickstart-templates/cakephp-mysql.json +++ b/roles/openshift_examples/files/examples/quickstart-templates/cakephp-mysql.json @@ -201,6 +201,10 @@ { "name": "CAKEPHP_SECURITY_CIPHER_SEED", "value": "${CAKEPHP_SECURITY_CIPHER_SEED}" + }, + { + "name": "OPCACHE_REVALIDATE_FREQ", + "value": "${OPCACHE_REVALIDATE_FREQ}" } ] } @@ -364,6 +368,11 @@ "description": "Security cipher seed for session hash", "generate": "expression", "from": "[0-9]{30}" + }, + { + "name": "OPCACHE_REVALIDATE_FREQ", + "description": "The How often to check script timestamps for updates, in seconds. 0 will result in OPcache checking for updates on every request.", + "value": "2" } ] } diff --git a/roles/openshift_examples/files/examples/quickstart-templates/cakephp.json b/roles/openshift_examples/files/examples/quickstart-templates/cakephp.json index ec556ea13..f426e1dd6 100644 --- a/roles/openshift_examples/files/examples/quickstart-templates/cakephp.json +++ b/roles/openshift_examples/files/examples/quickstart-templates/cakephp.json @@ -190,6 +190,10 @@ { "name": "CAKEPHP_SECURITY_CIPHER_SEED", "value": "${CAKEPHP_SECURITY_CIPHER_SEED}" + }, + { + "name": "OPCACHE_REVALIDATE_FREQ", + "value": "${OPCACHE_REVALIDATE_FREQ}" } ] } @@ -261,6 +265,11 @@ "description": "Security cipher seed for session hash", "generate": "expression", "from": "[0-9]{30}" + }, + { + "name": "OPCACHE_REVALIDATE_FREQ", + "description": "The How often to check script timestamps for updates, in seconds. 0 will result in OPcache checking for updates on every request.", + "value": "2" } ] } diff --git a/roles/openshift_examples/files/examples/quickstart-templates/dancer-mysql.json b/roles/openshift_examples/files/examples/quickstart-templates/dancer-mysql.json index 2cbcc0889..55f655102 100644 --- a/roles/openshift_examples/files/examples/quickstart-templates/dancer-mysql.json +++ b/roles/openshift_examples/files/examples/quickstart-templates/dancer-mysql.json @@ -175,6 +175,10 @@ { "name": "SECRET_KEY_BASE", "value": "${SECRET_KEY_BASE}" + }, + { + "name": "PERL_APACHE2_RELOAD", + "value": "${PERL_APACHE2_RELOAD}" } ] } @@ -330,6 +334,11 @@ "value": "openshift/mysql-55-centos7" }, { + "name": "PERL_APACHE2_RELOAD", + "description": "Set this to \"true\" to enable automatic reloading of modified Perl modules", + "value": "" + }, + { "name": "SECRET_KEY_BASE", "description": "Your secret key for verifying the integrity of signed cookies", "generate": "expression", diff --git a/roles/openshift_examples/files/examples/quickstart-templates/dancer.json b/roles/openshift_examples/files/examples/quickstart-templates/dancer.json index 43271dfc5..3ee19be83 100644 --- a/roles/openshift_examples/files/examples/quickstart-templates/dancer.json +++ b/roles/openshift_examples/files/examples/quickstart-templates/dancer.json @@ -157,6 +157,12 @@ { "containerPort": 8080 } + ], + "env": [ + { + "name": "PERL_APACHE2_RELOAD", + "value": "${PERL_APACHE2_RELOAD}" + } ] } ] @@ -195,6 +201,11 @@ "description": "Your secret key for verifying the integrity of signed cookies", "generate": "expression", "from": "[a-z0-9]{127}" + }, + { + "name": "PERL_APACHE2_RELOAD", + "description": "Set this to \"true\" to enable automatic reloading of modified Perl modules", + "value": "" } ] } diff --git a/roles/openshift_examples/files/examples/quickstart-templates/nodejs-mongodb.json b/roles/openshift_examples/files/examples/quickstart-templates/nodejs-mongodb.json index 017b5be19..8760b074c 100644 --- a/roles/openshift_examples/files/examples/quickstart-templates/nodejs-mongodb.json +++ b/roles/openshift_examples/files/examples/quickstart-templates/nodejs-mongodb.json @@ -102,6 +102,12 @@ "github": { "secret": "${GITHUB_WEBHOOK_SECRET}" } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } } ] } @@ -298,6 +304,12 @@ "from": "[a-zA-Z0-9]{40}" }, { + "name": "GENERIC_WEBHOOK_SECRET", + "description": "A secret string used to configure the Generic webhook", + "generate": "expression", + "from": "[a-zA-Z0-9]{40}" + }, + { "name": "DATABASE_SERVICE_NAME", "description": "Database service name", "value": "mongodb" @@ -328,7 +340,7 @@ { "name": "MONGODB_IMAGE", "description": "Image to use for mongodb", - "value": "openshift/mongodb-24-centos7" + "value": "openshift/mongodb-24-centos7" } ] } diff --git a/roles/openshift_examples/files/examples/quickstart-templates/nodejs.json b/roles/openshift_examples/files/examples/quickstart-templates/nodejs.json index 55488ab41..e047266e3 100644 --- a/roles/openshift_examples/files/examples/quickstart-templates/nodejs.json +++ b/roles/openshift_examples/files/examples/quickstart-templates/nodejs.json @@ -102,6 +102,12 @@ "github": { "secret": "${GITHUB_WEBHOOK_SECRET}" } + }, + { + "type": "Generic", + "generic": { + "secret": "${GENERIC_WEBHOOK_SECRET}" + } } ] } @@ -213,6 +219,12 @@ "from": "[a-zA-Z0-9]{40}" }, { + "name": "GENERIC_WEBHOOK_SECRET", + "description": "A secret string used to configure the Generic webhook", + "generate": "expression", + "from": "[a-zA-Z0-9]{40}" + }, + { "name": "DATABASE_SERVICE_NAME", "description": "Database service name" }, diff --git a/roles/openshift_examples/tasks/main.yml b/roles/openshift_examples/tasks/main.yml index 3a829a4c6..40b7a5d6e 100644 --- a/roles/openshift_examples/tasks/main.yml +++ b/roles/openshift_examples/tasks/main.yml @@ -32,7 +32,7 @@ - name: Import quickstart-templates command: > {{ openshift.common.client_binary }} {{ openshift_examples_import_command }} -n openshift -f {{ quickstarts_base }} - when: openshift_examples_load_quickstarts + when: openshift_examples_load_quickstarts | bool register: oex_import_quickstarts failed_when: "'already exists' not in oex_import_quickstarts.stderr and oex_import_quickstarts.rc != 0" changed_when: false diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 69bb49c9b..67994d11d 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -1,6 +1,10 @@ #!/usr/bin/python +# pylint: disable=too-many-lines # -*- coding: utf-8 -*- # vim: expandtab:tabstop=4:shiftwidth=4 +# Reason: Disable pylint too-many-lines because we don't want to split up this file. +# Status: Permanently disabled to keep this module as self-contained as possible. + """Ansible module for retrieving and setting openshift related facts""" DOCUMENTATION = ''' @@ -17,6 +21,7 @@ import ConfigParser import copy import os from distutils.util import strtobool +from distutils.version import LooseVersion def hostname_valid(hostname): @@ -318,6 +323,29 @@ def set_node_schedulability(facts): facts['node']['schedulable'] = True return facts +def set_master_selectors(facts): + """ Set selectors facts if not already present in facts dict + Args: + facts (dict): existing facts + Returns: + dict: the facts dict updated with the generated selectors + facts if they were not already present + + """ + if 'master' in facts: + if 'infra_nodes' in facts['master']: + deployment_type = facts['common']['deployment_type'] + if deployment_type == 'online': + selector = "type=infra" + else: + selector = "region=infra" + + if 'router_selector' not in facts['master']: + facts['master']['router_selector'] = selector + if 'registry_selector' not in facts['master']: + facts['master']['registry_selector'] = selector + return facts + def set_metrics_facts_if_unset(facts): """ Set cluster metrics facts if not already present in facts dict dict: the facts dict updated with the generated cluster metrics facts if @@ -335,6 +363,33 @@ def set_metrics_facts_if_unset(facts): facts['common']['use_cluster_metrics'] = use_cluster_metrics return facts +def set_project_cfg_facts_if_unset(facts): + """ Set Project Configuration facts if not already present in facts dict + dict: + Args: + facts (dict): existing facts + Returns: + dict: the facts dict updated with the generated Project Configuration + facts if they were not already present + + """ + + config = { + 'default_node_selector': '', + 'project_request_message': '', + 'project_request_template': '', + 'mcs_allocator_range': 's0:/2', + 'mcs_labels_per_project': 5, + 'uid_allocator_range': '1000000000-1999999999/10000' + } + + if 'master' in facts: + for key, value in config.items(): + if key not in facts['master']: + facts['master'][key] = value + + return facts + def set_identity_providers_if_unset(facts): """ Set identity_providers fact if not already present in facts dict @@ -474,7 +529,15 @@ def set_deployment_facts_if_unset(facts): if deployment_type in ['enterprise', 'online']: data_dir = '/var/lib/openshift' facts['common']['data_dir'] = data_dir - facts['common']['version'] = get_openshift_version() + facts['common']['version'] = version = get_openshift_version() + if version is not None: + if deployment_type == 'origin': + version_gt_3_1_or_1_1 = LooseVersion(version) > LooseVersion('1.0.6') + else: + version_gt_3_1_or_1_1 = LooseVersion(version) > LooseVersion('3.0.2') + else: + version_gt_3_1_or_1_1 = True + facts['common']['version_greater_than_3_1_or_1_1'] = version_gt_3_1_or_1_1 for role in ('master', 'node'): if role in facts: @@ -605,11 +668,11 @@ def get_openshift_version(): Returns: version: the current openshift version """ - version = '' + version = None if os.path.isfile('/usr/bin/openshift'): _, output, _ = module.run_command(['/usr/bin/openshift', 'version']) - versions = dict(e.split(' v') for e in output.splitlines()) + versions = dict(e.split(' v') for e in output.splitlines() if ' v' in e) version = versions.get('openshift', '') #TODO: acknowledge the possility of a containerized install @@ -780,8 +843,10 @@ class OpenShiftFacts(object): facts = merge_facts(facts, local_facts) facts['current_config'] = get_current_config(facts) facts = set_url_facts_if_unset(facts) + facts = set_project_cfg_facts_if_unset(facts) facts = set_fluentd_facts_if_unset(facts) facts = set_node_schedulability(facts) + facts = set_master_selectors(facts) facts = set_metrics_facts_if_unset(facts) facts = set_identity_providers_if_unset(facts) facts = set_sdn_facts_if_unset(facts) diff --git a/roles/openshift_facts/tasks/main.yml b/roles/openshift_facts/tasks/main.yml index fd3d20800..6301d4fc0 100644 --- a/roles/openshift_facts/tasks/main.yml +++ b/roles/openshift_facts/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: Verify Ansible version is greater than 1.8.0 and not 1.9.0 +- name: Verify Ansible version is greater than 1.8.0 and not 1.9.0 and not 1.9.0.1 assert: that: - ansible_version | version_compare('1.8.0', 'ge') diff --git a/roles/openshift_manage_node/tasks/main.yml b/roles/openshift_manage_node/tasks/main.yml index 7c4f45ce6..637e494ea 100644 --- a/roles/openshift_manage_node/tasks/main.yml +++ b/roles/openshift_manage_node/tasks/main.yml @@ -1,21 +1,21 @@ - name: Wait for Node Registration command: > - {{ openshift.common.client_binary }} get node {{ item }} + {{ openshift.common.client_binary }} get node {{ item | lower }} register: omd_get_node until: omd_get_node.rc == 0 - retries: 10 + retries: 20 delay: 5 with_items: openshift_nodes - name: Set node schedulability command: > - {{ openshift.common.admin_binary }} manage-node {{ item.openshift.common.hostname }} --schedulable={{ 'true' if item.openshift.node.schedulable | bool else 'false' }} + {{ openshift.common.admin_binary }} manage-node {{ item.openshift.common.hostname | lower }} --schedulable={{ 'true' if item.openshift.node.schedulable | bool else 'false' }} with_items: - "{{ openshift_node_vars }}" - name: Label nodes command: > - {{ openshift.common.client_binary }} label --overwrite node {{ item.openshift.common.hostname }} {{ item.openshift.node.labels | oo_combine_dict }} + {{ openshift.common.client_binary }} label --overwrite node {{ item.openshift.common.hostname | lower }} {{ item.openshift.node.labels | oo_combine_dict }} with_items: - "{{ openshift_node_vars }}" when: "'labels' in item.openshift.node and item.openshift.node.labels != {}" diff --git a/roles/openshift_master/handlers/main.yml b/roles/openshift_master/handlers/main.yml index 2981979e0..37028e0f6 100644 --- a/roles/openshift_master/handlers/main.yml +++ b/roles/openshift_master/handlers/main.yml @@ -1,4 +1,4 @@ --- - name: restart master service: name={{ openshift.common.service_type }}-master state=restarted - when: not openshift_master_ha | bool + when: (not openshift_master_ha | bool) and (not master_service_status_changed | default(false)) diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index fa12005ab..94eb73346 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -52,27 +52,21 @@ default_subdomain: "{{ osm_default_subdomain | default(None) }}" custom_cors_origins: "{{ osm_custom_cors_origins | default(None) }}" default_node_selector: "{{ osm_default_node_selector | default(None) }}" + project_request_message: "{{ osm_project_request_message | default(None) }}" + project_request_template: "{{ osm_project_request_template | default(None) }}" + mcs_allocator_range: "{{ osm_mcs_allocator_range | default(None) }}" + mcs_labels_per_project: "{{ osm_mcs_labels_per_project | default(None) }}" + uid_allocator_range: "{{ osm_uid_allocator_range | default(None) }}" + router_selector: "{{ openshift_router_selector | default(None) }}" + registry_selector: "{{ openshift_registry_selector | default(None) }}" api_server_args: "{{ osm_api_server_args | default(None) }}" controller_args: "{{ osm_controller_args | default(None) }}" + infra_nodes: "{{ num_infra | default(None) }}" - name: Install Master package yum: pkg={{ openshift.common.service_type }}-master{{ openshift_version }} state=present register: install_result -- name: Check for RPM generated config marker file /etc/origin/.config_managed - stat: path=/etc/origin/.rpmgenerated - register: rpmgenerated_config - -- name: Remove RPM generated config files - file: - path: "{{ item }}" - state: absent - when: openshift.common.service_type in ['atomic-enterprise','openshift-enterprise'] and rpmgenerated_config.stat.exists == true - with_items: - - "{{ openshift.common.config_base }}/master" - - "{{ openshift.common.config_base }}/node" - - "{{ openshift.common.config_base }}/.rpmgenerated" - # TODO: These values need to be configurable - name: Set dns facts openshift_facts: @@ -152,9 +146,8 @@ when: not openshift_master_ha | bool register: start_result -- name: pause to prevent service restart from interfering with bootstrapping - pause: seconds=30 - when: start_result | changed +- set_fact: + master_service_status_changed = start_result | changed - name: Install cluster packages yum: pkg=pcs state=present @@ -169,13 +162,17 @@ shell: echo {{ openshift_master_cluster_password | quote }} | passwd --stdin hacluster when: install_result | changed +- name: Lookup default group for ansible_ssh_user + command: "/usr/bin/id -g {{ ansible_ssh_user }}" + register: _ansible_ssh_user_gid + - name: Create the client config dir(s) file: path: "~{{ item }}/.kube" state: directory mode: 0700 owner: "{{ item }}" - group: "{{ item }}" + group: "{{ 'root' if item == 'root' else _ansible_ssh_user_gid.stdout }}" with_items: - root - "{{ ansible_ssh_user }}" @@ -196,7 +193,7 @@ state: file mode: 0700 owner: "{{ item }}" - group: "{{ item }}" + group: "{{ 'root' if item == 'root' else _ansible_ssh_user_gid.stdout }}" with_items: - root - "{{ ansible_ssh_user }}" diff --git a/roles/openshift_master/templates/master.yaml.v1.j2 b/roles/openshift_master/templates/master.yaml.v1.j2 index 500690523..3e4f78b17 100644 --- a/roles/openshift_master/templates/master.yaml.v1.j2 +++ b/roles/openshift_master/templates/master.yaml.v1.j2 @@ -74,6 +74,9 @@ kubernetesMasterConfig: masterCount: 1 masterIP: "" podEvictionTimeout: "" + proxyClientInfo: + certFile: master.proxy-client.crt + keyFile: master.proxy-client.key schedulerConfigFile: {{ openshift_master_scheduler_conf }} servicesNodePortRange: "" servicesSubnet: {{ openshift.master.portal_net }} @@ -87,7 +90,9 @@ masterPublicURL: {{ openshift.master.public_api_url }} networkConfig: clusterNetworkCIDR: {{ openshift.master.sdn_cluster_network_cidr }} hostSubnetLength: {{ openshift.master.sdn_host_subnet_length }} +{% if openshift.common.use_openshift_sdn %} networkPluginName: {{ openshift.common.sdn_network_plugin_name }} +{% endif %} # serviceNetworkCIDR must match kubernetesMasterConfig.servicesSubnet serviceNetworkCIDR: {{ openshift.master.portal_net }} {% include 'v1_partials/oauthConfig.j2' %} @@ -95,15 +100,14 @@ policyConfig: bootstrapPolicyFile: {{ openshift_master_policy }} openshiftInfrastructureNamespace: openshift-infra openshiftSharedResourcesNamespace: openshift -{# TODO: Allow users to override projectConfig items #} projectConfig: - defaultNodeSelector: "{{ openshift.master.default_node_selector | default("") }}" - projectRequestMessage: "" - projectRequestTemplate: "" + defaultNodeSelector: "{{ openshift.master.default_node_selector }}" + projectRequestMessage: "{{ openshift.master.project_request_message }}" + projectRequestTemplate: "{{ openshift.master.project_request_template }}" securityAllocator: - mcsAllocatorRange: s0:/2 - mcsLabelsPerProject: 5 - uidAllocatorRange: 1000000000-1999999999/10000 + mcsAllocatorRange: "{{ openshift.master.mcs_allocator_range }}" + mcsLabelsPerProject: {{ openshift.master.mcs_labels_per_project }} + uidAllocatorRange: "{{ openshift.master.uid_allocator_range }}" routingConfig: subdomain: "{{ openshift.master.default_subdomain | default("") }}" serviceAccountConfig: diff --git a/roles/openshift_master/templates/v1_partials/oauthConfig.j2 b/roles/openshift_master/templates/v1_partials/oauthConfig.j2 index 72889bc29..8a4f5a746 100644 --- a/roles/openshift_master/templates/v1_partials/oauthConfig.j2 +++ b/roles/openshift_master/templates/v1_partials/oauthConfig.j2 @@ -80,6 +80,7 @@ oauthConfig: provider: {{ identity_provider_config(identity_provider) }} {%- endfor %} + masterCA: ca.crt masterPublicURL: {{ openshift.master.public_api_url }} masterURL: {{ openshift.master.api_url }} sessionConfig: diff --git a/roles/openshift_master_ca/tasks/main.yml b/roles/openshift_master_ca/tasks/main.yml index 5c9639ea5..cfd1ceabf 100644 --- a/roles/openshift_master_ca/tasks/main.yml +++ b/roles/openshift_master_ca/tasks/main.yml @@ -18,5 +18,4 @@ --master={{ openshift.master.api_url }} --public-master={{ openshift.master.public_api_url }} --cert-dir={{ openshift_master_config_dir }} --overwrite=false - args: - creates: "{{ openshift_master_config_dir }}/master.server.key" + when: master_certs_missing diff --git a/roles/openshift_master_certificates/tasks/main.yml b/roles/openshift_master_certificates/tasks/main.yml index 0d75a9eb3..e4602337e 100644 --- a/roles/openshift_master_certificates/tasks/main.yml +++ b/roles/openshift_master_certificates/tasks/main.yml @@ -20,6 +20,8 @@ - admin.kubeconfig - master.kubelet-client.crt - master.kubelet-client.key + - "{{ 'master.proxy-client.crt' if openshift.common.version_greater_than_3_1_or_1_1 else omit }}" + - "{{ 'master.proxy-client.key' if openshift.common.version_greater_than_3_1_or_1_1 else omit }}" - openshift-master.crt - openshift-master.key - openshift-master.kubeconfig @@ -41,6 +43,5 @@ --public-master={{ item.openshift.master.public_api_url }} --cert-dir={{ openshift_generated_configs_dir }}/{{ item.master_cert_subdir }} --overwrite=false - args: - creates: "{{ openshift_generated_configs_dir }}/{{ item.master_cert_subdir }}/master.server.crt" + when: master_certs_missing with_items: masters_needing_certs diff --git a/roles/openshift_node/defaults/main.yml b/roles/openshift_node/defaults/main.yml index c4abf9d7c..fffbf2994 100644 --- a/roles/openshift_node/defaults/main.yml +++ b/roles/openshift_node/defaults/main.yml @@ -10,3 +10,6 @@ os_firewall_allow: port: 10255/tcp - service: Openshift kubelet ReadOnlyPort udp port: 10255/udp +- service: OpenShift OVS sdn + port: 4789/udp + when: openshift.node.use_openshift_sdn | bool diff --git a/roles/openshift_node/handlers/main.yml b/roles/openshift_node/handlers/main.yml index 633f3ed13..447ca85f3 100644 --- a/roles/openshift_node/handlers/main.yml +++ b/roles/openshift_node/handlers/main.yml @@ -1,6 +1,7 @@ --- - name: restart node service: name={{ openshift.common.service_type }}-node state=restarted + when: not node_service_status_changed | default(false) - name: restart docker service: name=docker state=restarted diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index e8cc499c0..98271c8b3 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -22,7 +22,7 @@ deployment_type: "{{ openshift_deployment_type }}" - role: node local_facts: - labels: "{{ openshift_node_labels | default(none) }}" + labels: "{{ lookup('oo_option', 'openshift_node_labels') | default( openshift_node_labels | default(none), true) }}" annotations: "{{ openshift_node_annotations | default(none) }}" registry_url: "{{ oreg_url | default(none) }}" debug_level: "{{ openshift_node_debug_level | default(openshift.common.debug_level) }}" @@ -30,6 +30,8 @@ kubelet_args: "{{ openshift_node_kubelet_args | default(None) }}" sdn_mtu: "{{ openshift_node_sdn_mtu | default(None) }}" schedulable: "{{ openshift_schedulable | default(openshift_scheduleable) | default(None) }}" + docker_log_driver: "{{ lookup( 'oo_option' , 'docker_log_driver' ) | default('',True) }}" + docker_log_options: "{{ lookup( 'oo_option' , 'docker_log_options' ) | default('',True) }}" # We have to add tuned-profiles in the same transaction otherwise we run into depsolving # problems because the rpms don't pin the version properly. @@ -68,12 +70,14 @@ register: docker_check # TODO: Enable secure registry when code available in origin -- name: Secure Registry +- name: Secure Registry and Logs Options lineinfile: dest: /etc/sysconfig/docker regexp: '^OPTIONS=.*$' line: "OPTIONS='--insecure-registry={{ openshift.node.portal_net }} \ -{% if ansible_selinux and ansible_selinux.status == '''enabled''' %}--selinux-enabled{% endif %}'" +{% if ansible_selinux and ansible_selinux.status == '''enabled''' %}--selinux-enabled{% endif %} \ +{% if openshift.node.docker_log_driver is defined %} --log-driver {{ openshift.node.docker_log_driver }} {% endif %} \ +{% if openshift.node.docker_log_options is defined %} {{ openshift.node.docker_log_options | oo_split() | oo_prepend_strings_in_list('--log-opt ') | join(' ')}} {% endif %} '" when: docker_check.stat.isreg notify: - restart docker @@ -128,6 +132,5 @@ service: name={{ openshift.common.service_type }}-node enabled=yes state=started register: start_result -- name: pause to prevent service restart from interfering with bootstrapping - pause: seconds=30 - when: start_result | changed +- set_fact: + node_service_status_changed = start_result | changed diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2 index 07d80f99b..4931d127e 100644 --- a/roles/openshift_node/templates/node.yaml.v1.j2 +++ b/roles/openshift_node/templates/node.yaml.v1.j2 @@ -12,13 +12,17 @@ kind: NodeConfig kubeletArguments: {{ openshift.node.kubelet_args | to_json }} {% endif %} masterKubeConfig: system:node:{{ openshift.common.hostname }}.kubeconfig +{% if openshift.common.use_openshift_sdn %} networkPluginName: {{ openshift.common.sdn_network_plugin_name }} +{% endif %} # networkConfig struct introduced in origin 1.0.6 and OSE 3.0.2 which # deprecates networkPluginName above. The two should match. networkConfig: mtu: {{ openshift.node.sdn_mtu }} +{% if openshift.common.use_openshift_sdn %} networkPluginName: {{ openshift.common.sdn_network_plugin_name }} -nodeName: {{ openshift.common.hostname }} +{% endif %} +nodeName: {{ openshift.common.hostname | lower }} podManifestConfig: servingInfo: bindAddress: 0.0.0.0:10250 diff --git a/roles/openshift_registry/tasks/main.yml b/roles/openshift_registry/tasks/main.yml index 29387d7d5..749eea5c0 100644 --- a/roles/openshift_registry/tasks/main.yml +++ b/roles/openshift_registry/tasks/main.yml @@ -1,11 +1,14 @@ --- -- set_fact: _oreg_images="--images={{ oreg_url|quote }}" - when: oreg_url is defined +# This role is unused until we add options for configuring the backend storage + +- set_fact: _oreg_images="--images='{{ openshift.master.registry_url }}'" + +- set_fact: _oreg_selector="--selector='{{ openshift.master.registry_selector }}'" - name: Deploy OpenShift Registry command: > {{ openshift.common.admin_binary }} registry - --create - --credentials={{ openshift_master_config_dir }}/openshift-registry.kubeconfig {{ _oreg_images|default() }} + --create --service-account=registry {{ _oreg_selector }} + --credentials={{ openshift_master_config_dir }}/openshift-registry.kubeconfig {{ _oreg_images }} register: _oreg_results changed_when: "'service exists' not in _oreg_results.stdout" diff --git a/roles/openshift_router/tasks/main.yml b/roles/openshift_router/tasks/main.yml index 929177262..498a65127 100644 --- a/roles/openshift_router/tasks/main.yml +++ b/roles/openshift_router/tasks/main.yml @@ -1,11 +1,14 @@ --- -- set_fact: _ortr_images="--images={{ oreg_url|quote }}" - when: oreg_url is defined + +- set_fact: _ortr_images="--images='{{ openshift.master.registry_url }}'" + +- set_fact: _ortr_selector="--selector='{{ openshift.master.router_selector }}'" - name: Deploy OpenShift Router command: > {{ openshift.common.admin_binary }} router - --create - --credentials={{ openshift_master_config_dir }}/openshift-router.kubeconfig {{ _ortr_images|default() }} + --create --replicas={{ openshift.master.infra_nodes }} + --service-account=router {{ _ortr_selector }} + --credentials={{ openshift_master_config_dir }}/openshift-router.kubeconfig {{ _ortr_images }} register: _ortr_results changed_when: "'service exists' not in _ortr_results.stdout" diff --git a/roles/os_zabbix/tasks/main.yml b/roles/os_zabbix/tasks/main.yml index e083296c0..a503b24d7 100644 --- a/roles/os_zabbix/tasks/main.yml +++ b/roles/os_zabbix/tasks/main.yml @@ -14,6 +14,7 @@ - include_vars: template_openshift_node.yml - include_vars: template_ops_tools.yml - include_vars: template_app_zabbix_server.yml +- include_vars: template_app_zabbix_agent.yml - name: Include Template Heartbeat include: ../../lib_zabbix/tasks/create_template.yml @@ -70,3 +71,11 @@ server: "{{ ozb_server }}" user: "{{ ozb_user }}" password: "{{ ozb_password }}" + +- name: Include Template App Zabbix Agent + include: ../../lib_zabbix/tasks/create_template.yml + vars: + template: "{{ g_template_app_zabbix_agent }}" + server: "{{ ozb_server }}" + user: "{{ ozb_user }}" + password: "{{ ozb_password }}" diff --git a/roles/os_zabbix/vars/template_app_zabbix_agent.yml b/roles/os_zabbix/vars/template_app_zabbix_agent.yml new file mode 100644 index 000000000..d636d4822 --- /dev/null +++ b/roles/os_zabbix/vars/template_app_zabbix_agent.yml @@ -0,0 +1,23 @@ +--- +g_template_app_zabbix_agent: + name: Template App Zabbix Agent + zitems: + - key: agent.hostname + applications: + - Zabbix agent + value_type: character + zabbix_type: agent + + - key: agent.ping + applications: + - Zabbix agent + description: The agent always returns 1 for this item. It could be used in combination with nodata() for availability check. + value_type: int + zabbix_type: agent + + ztriggers: + - name: '[Reboot] Zabbix agent on {HOST.NAME} is unreachable for 15 minutes' + description: Zabbix agent is unreachable for 15 minutes. + expression: '{Template App Zabbix Agent:agent.ping.nodata(15m)}=1' + priority: high + url: https://github.com/openshift/ops-sop/blob/master/Alerts/check_ping.asciidoc diff --git a/roles/os_zabbix/vars/template_app_zabbix_server.yml b/roles/os_zabbix/vars/template_app_zabbix_server.yml index dace2aa29..43517113b 100644 --- a/roles/os_zabbix/vars/template_app_zabbix_server.yml +++ b/roles/os_zabbix/vars/template_app_zabbix_server.yml @@ -8,7 +8,7 @@ g_template_app_zabbix_server: description: A simple count of the number of partition creates output by the housekeeper script. units: '' value_type: int - zabbix_type: '2' + zabbix_type: internal - key: housekeeper_drops applications: @@ -16,7 +16,7 @@ g_template_app_zabbix_server: description: A simple count of the number of partition drops output by the housekeeper script. units: '' value_type: int - zabbix_type: '2' + zabbix_type: internal - key: housekeeper_errors applications: @@ -24,7 +24,7 @@ g_template_app_zabbix_server: description: A simple count of the number of errors output by the housekeeper script. units: '' value_type: int - zabbix_type: '2' + zabbix_type: internal - key: housekeeper_total applications: @@ -33,7 +33,7 @@ g_template_app_zabbix_server: script. units: '' value_type: int - zabbix_type: '2' + zabbix_type: internal - key: zabbix[process,alerter,avg,busy] applications: @@ -41,7 +41,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[process,configuration syncer,avg,busy] applications: @@ -49,7 +49,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[process,db watchdog,avg,busy] applications: @@ -57,7 +57,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[process,discoverer,avg,busy] applications: @@ -65,7 +65,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[process,escalator,avg,busy] applications: @@ -73,7 +73,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[process,history syncer,avg,busy] applications: @@ -81,7 +81,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[process,housekeeper,avg,busy] applications: @@ -89,7 +89,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[process,http poller,avg,busy] applications: @@ -97,7 +97,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[process,icmp pinger,avg,busy] applications: @@ -105,7 +105,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[process,ipmi poller,avg,busy] applications: @@ -113,7 +113,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[process,java poller,avg,busy] applications: @@ -121,7 +121,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[process,node watcher,avg,busy] applications: @@ -129,7 +129,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[process,poller,avg,busy] applications: @@ -137,7 +137,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[process,proxy poller,avg,busy] applications: @@ -145,7 +145,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[process,self-monitoring,avg,busy] applications: @@ -153,7 +153,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[process,snmp trapper,avg,busy] applications: @@ -161,7 +161,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[process,timer,avg,busy] applications: @@ -169,7 +169,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[process,trapper,avg,busy] applications: @@ -177,7 +177,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[process,unreachable poller,avg,busy] applications: @@ -185,7 +185,7 @@ g_template_app_zabbix_server: description: '' units: '%' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[queue,10m] applications: @@ -193,7 +193,8 @@ g_template_app_zabbix_server: description: '' units: '' value_type: int - zabbix_type: '5' + zabbix_type: internal + interval: 600 - key: zabbix[queue] applications: @@ -201,7 +202,8 @@ g_template_app_zabbix_server: description: '' units: '' value_type: int - zabbix_type: '5' + zabbix_type: internal + interval: 600 - key: zabbix[rcache,buffer,pfree] applications: @@ -209,7 +211,7 @@ g_template_app_zabbix_server: description: '' units: '' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[wcache,history,pfree] applications: @@ -217,7 +219,7 @@ g_template_app_zabbix_server: description: '' units: '' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[wcache,text,pfree] applications: @@ -225,7 +227,7 @@ g_template_app_zabbix_server: description: '' units: '' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[wcache,trend,pfree] applications: @@ -233,7 +235,7 @@ g_template_app_zabbix_server: description: '' units: '' value_type: float - zabbix_type: '5' + zabbix_type: internal - key: zabbix[wcache,values] applications: @@ -241,7 +243,9 @@ g_template_app_zabbix_server: description: '' units: '' value_type: float - zabbix_type: '5' + zabbix_type: internal + delta: 1 # speed per second + ztriggers: - description: "There has been unexpected output while running the housekeeping script\ \ on the Zabbix. There are only three kinds of lines we expect to see in the output,\ diff --git a/roles/os_zabbix/vars/template_docker.yml b/roles/os_zabbix/vars/template_docker.yml index 395e054de..bfabf50c5 100644 --- a/roles/os_zabbix/vars/template_docker.yml +++ b/roles/os_zabbix/vars/template_docker.yml @@ -7,6 +7,11 @@ g_template_docker: - Docker Daemon value_type: int + - key: docker.info_elapsed_ms + applications: + - Docker Daemon + value_type: int + - key: docker.storage.is_loopback applications: - Docker Storage diff --git a/roles/os_zabbix/vars/template_openshift_master.yml b/roles/os_zabbix/vars/template_openshift_master.yml index 68f810fe0..1de4fefbb 100644 --- a/roles/os_zabbix/vars/template_openshift_master.yml +++ b/roles/os_zabbix/vars/template_openshift_master.yml @@ -19,6 +19,18 @@ g_template_openshift_master: applications: - Openshift Master + - key: openshift.master.pod.running.count + description: Shows number of pods running + type: int + applications: + - Openshift Master + + - key: openshift.project.counter + description: Shows number of projects on a cluster + type: int + applications: + - Openshift Master + ztriggers: - name: 'Application creation has failed on {HOST.NAME}' expression: '{Template Openshift Master:create_app.last(#1)}=1 and {Template Openshift Master:create_app.last(#2)}=1' @@ -40,3 +52,7 @@ g_template_openshift_master: url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' priority: info + - name: 'There are no projects running on {HOST.NAME}' + expression: '{Template Openshift Master:openshift.project.counter.last()}=0' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' + priority: info diff --git a/roles/os_zabbix/vars/template_openshift_node.yml b/roles/os_zabbix/vars/template_openshift_node.yml index 36f9cc4a3..ce28b1048 100644 --- a/roles/os_zabbix/vars/template_openshift_node.yml +++ b/roles/os_zabbix/vars/template_openshift_node.yml @@ -8,13 +8,37 @@ g_template_openshift_node: applications: - Openshift Node + - key: openshift.node.ovs.pids.count + description: Shows number of ovs process ids running + type: int + applications: + - Openshift Node + + - key: openshift.node.ovs.ports.count + description: Shows number of OVS ports defined + type: int + applications: + - Openshift Node + ztriggers: - name: 'Openshift Node process not running on {HOST.NAME}' expression: '{Template Openshift Node:openshift.node.process.count.max(#3)}<1' - url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_node.asciidoc' + url: 'https://github.com/openshift/ops-sop/blob/node/V3/Alerts/openshift_node.asciidoc' priority: high - name: 'Too many Openshift Node processes running on {HOST.NAME}' expression: '{Template Openshift Node:openshift.node.process.count.min(#3)}>1' - url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_node.asciidoc' + url: 'https://github.com/openshift/ops-sop/blob/node/V3/Alerts/openshift_node.asciidoc' + priority: high + + - name: 'OVS may not be running on {HOST.NAME}' + expression: '{Template Openshift Node:openshift.node.ovs.pids.count.last()}<>4' + url: 'https://github.com/openshift/ops-sop/blob/node/V3/Alerts/openshift_node.asciidoc' priority: high + + - name: 'Number of OVS ports is 0 on {HOST.NAME}' + expression: '{Template Openshift Node:openshift.node.ovs.ports.count.last()}=0' + url: 'https://github.com/openshift/ops-sop/blob/node/V3/Alerts/openshift_node.asciidoc' + priority: high + + diff --git a/roles/os_zabbix/vars/template_os_linux.yml b/roles/os_zabbix/vars/template_os_linux.yml index 232139df9..3ae1500bc 100644 --- a/roles/os_zabbix/vars/template_os_linux.yml +++ b/roles/os_zabbix/vars/template_os_linux.yml @@ -203,14 +203,32 @@ g_template_os_linux: applications: - Disk + - discoveryrule_key: disc.filesys + name: "Percentage of used inodes on {#OSO_FILESYS}" + key: "disc.filesys.inodes.pused[{#OSO_FILESYS}]" + value_type: float + description: "PCP derived value of percentage of used inodes on a filesystem." + applications: + - Disk + ztriggerprototypes: - - name: 'Filesystem: {#OSO_FILESYS} has less than 10% free on {HOST.NAME}' + - name: 'Filesystem: {#OSO_FILESYS} has less than 15% free disk space on {HOST.NAME}' + expression: '{Template OS Linux:disc.filesys.full[{#OSO_FILESYS}].last()}>85' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' + priority: warn + + - name: 'Filesystem: {#OSO_FILESYS} has less than 10% free disk space on {HOST.NAME}' expression: '{Template OS Linux:disc.filesys.full[{#OSO_FILESYS}].last()}>90' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' + priority: high + + - name: 'Filesystem: {#OSO_FILESYS} has less than 10% free inodes on {HOST.NAME}' + expression: '{Template OS Linux:disc.filesys.inodes.pused[{#OSO_FILESYS}].last()}>90' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' priority: warn - - name: 'Filesystem: {#OSO_FILESYS} has less than 5% free on {HOST.NAME}' - expression: '{Template OS Linux:disc.filesys.full[{#OSO_FILESYS}].last()}>95' + - name: 'Filesystem: {#OSO_FILESYS} has less than 5% free inodes on {HOST.NAME}' + expression: '{Template OS Linux:disc.filesys.inodes.pused[{#OSO_FILESYS}].last()}>95' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_filesys_full.asciidoc' priority: high @@ -230,7 +248,7 @@ g_template_os_linux: - name: 'CPU idle less than 5% on {HOST.NAME}' expression: '{Template OS Linux:kernel.all.cpu.idle.last()}<5 and {Template OS Linux:kernel.all.cpu.idle.last(#2)}<5' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_cpu_idle.asciidoc' - priority: high + priority: average description: 'CPU is less than 5% idle' - name: 'CPU idle less than 10% on {HOST.NAME}' |